| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Rank Math SEO plugin <= 1.0.119 versions. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in A. R. Jones Featured Image Pro Post Grid plugin <= 5.14 versions. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Video Gallery plugin <= 1.0.10 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wolfgang Ertl weebotLite plugin <= 1.0.0 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Palasthotel by Edward Bock, Katharina Rompf Sunny Search plugin <= 1.0.2 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cloud Primero B.V DBargain plugin <= 3.0.0 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in BRANDbrilliance Post State Tags plugin <= 2.0.6 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in John Newcombe eBecas plugin <= 3.1.3 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Prashant Walke WP All Backup plugin <= 2.4.3 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kyle Maurer Don8 plugin <= 0.4 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPExperts Password Protected plugin <= 2.6.2 versions. |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Twinpictures Column-Matic plugin <= 1.3.3 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eji Osigwe DevBuddy Twitter Feed plugin <= 4.0.0 versions. |
| Auth. (subscriber+) Stored Cross-Site Scripting') vulnerability in Plainware Locatoraid Store Locator plugin <= 3.9.18 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Product page shipping calculator for WooCommerce plugin <= 1.3.25 versions. |
| A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and disable pgroup SafeMode protection.
|
| Ivanti Avalanche decodeToMap XML External Entity Processing. Fixed in version 6.4.1.236 |
| An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1. |
| An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1. |
| An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution. |
